[olug] IMAPS proxy?

[Obi-Wan]

Do any of you folks know of any software that will proxy IMAPS
(port 993) connections, terminate the SSL at the proxy, and then
pass the connection off to a back-end IMAP (non-SSL) server?

The non-negotiable back-end server is Oracle Collaboration Suite,
but let's just assume it's an arbitrary, standards-compliant IMAP
server.  OCS has the annoying feature that turning on SSL is an
all or nothing venture.  Either EVERYBODY (even in house) uses
SSL for all connections (web, email, & calendar), or NOBODY can.
There's no way to require it from external connections without
also requiring it internally.  SSL imposes a hefty CPU load, so
we'd rather avoid it altogether and move the SSL terminator out
to a reverse proxy in our DMZ.  We've done that with HTTP using
Squid, but IMAP is proving difficult.

The only IMAP proxy I've been able to find is a Russian program
named nginx (Engine-X), but English documentation is sparse, and
I can't find anything that tells how to configure an IMAPS proxy
(although it does claim to support it).

-- 
Ben "Obi-Wan" Hollingsworth                             obiwan at jedi.com
   The stuff of earth competes for the allegiance I owe only to the
     Giver of all good things, so if I stand, let me stand on the
       promise that You will pull me through.  -- Rich Mullins